Build and Run a Docker Image
ForgeRock delivers a Dockerfile inside IG-7.1.2.zip
, to help you build an
evaluation-only, base Docker image for IG. After building and running
the Docker image, add a configuration as described in Add Configuration to a Docker Image.
ForgeRock provides no commercial support for production deployments that use ForgeRock’s evaluation-only Docker images. When deploying the ForgeRock Identity Platform using Docker images, you must build and use your own images for production deployments. |
The Docker image has the following characteristics:
-
The Docker image runs on Linux and Mac operating systems.
-
IG binaries are delivered in
/opt/ig
. -
The environment variable
$IG_INSTANCE_DIR
has the value/var/ig
. -
A ForgeRock user with username:
forgerock
and uid:11111
, runs the IG process and owns the configuration files.
Build the Base Image for IG
-
Download
IG-7.1.2.zip
from the ForgeRock BackStage download site, and unzip. The directory/path/to/identity-gateway
is created. -
With a Docker daemon running, build a base Docker image, using /path/to/identity-gateway:
/path/to/identity-gateway$ docker build . -f docker/Dockerfile -t ig-image Sending build context to Docker daemon Step 1/7 : FROM gcr.io/forgerock-io/java-11:latest latest: Pulling from forgerock-io/java-11 ... Successfully tagged ig-image:latest
-
Make sure that the Docker image is available:
$ docker image list REPOSITORY TAG IMAGE ID ig-image latest gcr.io/forgerock-io/java-11 latest
Run the Docker Image
The following steps run the Docker image on port 8080
. Make sure that the
port is not being used, or use a different port as described in the procedure.
-
With a Docker daemon running, run the Docker image:
$ docker run -p 8080:8080 ig-image
IG starts up, and the console displays the message log.
-
Go to http://localhost:8080 to view the IG welcome page.
Consider using the following options when you run the Docker image:
-
The default ports
8080:8080
equate tolocal-machine-port:internal-container-port
. IG can run on a different port, but the container must always run on8080
. The following example runs IG on port8090
:$ docker run -p 8090:8080 ig-image
-
The default configuration directory is
/var/ig/
. The following example sets the configuration directory to$HOME/.openig
:$ docker run -p 8080:8080 -v $HOME/.openig:/var/ig/ ig-image
-
Run the image in sh shell, in interactive mode, using the provided Forgerock user:
$ docker run -p 8080:8080 -it --user 11111 ig-image sh